Bug Bounties Expands On Google Play

Google is expanding its bug bounties on Google Play, by making changes to the Google Play Security Reward Program (GPSRP) and launching a new Developer Data Protection Reward Program (DDPRP).

The company has increased the scope of GPSRP to include all apps in Google Play with more than 100 million installs. These apps are now eligible for rewards. According to the Google vulnerability data from GPSRP helps Google create automated checks that scan apps in Google Play for similar vulnerabilities.

Source: Google

The company also launched the Developer Data Protection Reward Program in collaboration with HackerOne. It will identify and mitigate data abuse points in Android apps, OAuth projects, and Chrome extensions.

This program specifically aims to discover situations where user data is being used or sold surprisingly, or repurposed in an illegitimate way without user consent.